3 matches found
Vulnerability of the Montgomery modular exponentiation function with constant time complexity in the OpenSSL and BoringSSL libraries, allowing attackers to execute arbitrary code.
The vulnerability of the Montgomery modular multiplication function with a constant time cost in the OpenSSL and BoringSSL libraries relates to the possibility of writing data beyond the buffer boundaries into memory. Exploiting this vulnerability allows an attacker to execute arbitrary code by...
Updated botan packages fix security vulnerability
In the Montgomery exponentiation code, a table of precomputed values is used. An attacker able to analyze which cache lines were accessed perhaps via an active attack such as Prime+Probe could recover information about the exponent CVE-2017-14737...
MGASA-2017-0422 Updated botan packages fix security vulnerability
In the Montgomery exponentiation code, a table of precomputed values is used. An attacker able to analyze which cache lines were accessed perhaps via an active attack such as Prime+Probe could recover information about the exponent CVE-2017-14737...